U.S. Department of Defense Promotes Security Benefits of the Cloud
We have all heard of the high profile security breaches at the U.S. Department of Defense in the last few years — from state sponsored hackers stealing nearly 25,000 files related to new weapon systems to an army soldier providing secret documents to WikiLeaks, among others.
The fact that those breaches occurred on supposedly secure systems that DOD and its industry partners have operated for years shows just how challenging cyber security can be, even under the best of circumstances.
Speaking before the House of Representatives, Army General Keith Alexander, commander of U.S. Cyber Command and Director of the National Security Agency, said cloud computing provides the best way to secure DOD networks. Interestingly, he did not stress cloud computing’s ability to cut costs; rather, he emphasized its security benefits.
His statements may be surprising, but they echo an ongoing transition in public-sector thinking about cloud computing. In the past year, the federal government has become increasingly supportive of the cloud, and has adopted cloud models for key agencies.
As Jesse Lipson pointed out in a recent Forbes article, “Most cloud computing companies are like experienced airline pilots. They are well trained, have backup systems and contingency plans in case they encounter an issue, and they have a full staff of professionals regularly checking and maintaining their service. Cloud software companies, knowing the implications of a crash on their business’ bottom line, invest significant resources into insuring that such a disaster never occurs. Cloud computing companies can invest far more resources in data backup and security than your business can.”
Compare this, for a moment, to the levels of protection that your company provides.
The cloud is also provided by new systems that were out of reach for most organizations in the past. A couple of months ago, Amazon released new security measures that can encrypt data when writing the file. Decryption happens automatically when data is retrieved. This adds yet another level of security to your data that did not exist before.